rack-shield 1.2.0 → 1.2.2

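--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 8853aad4ab5646f5a5477f712fe297f005660958e15358144fc175d4f1497215
- data.tar.gz: 23cf1ec7e0b8d547ccbaf66a63bcb8f8914677a70b1377b8ca4c4ba3894f8d56
+ metadata.gz: 51d97823d4d9691ca4e7aa4279a5b3271d77edf5d74c2952529242055e3677a5
+ data.tar.gz: d5bfe6b47f7f5e6ca8002f7858803423c9f70bb08295fb65f1b7dafa6b69f685
  SHA512:
- metadata.gz: ddcbe97f5e6f3ba3ba3d50be2b60c248ac1c2e5c730744e498e7b7f6093d4f5adbc7b3c87bdae15569184387c6ef6afaf098752482d869b6842aaaf32eba8360
- data.tar.gz: e558e60a3711893170dc994a9ec6d7c31b871f4237ba8ba7779cec44cc65ed8dd198579f2729e8e438948cbe5c953adba3c521adb70ecea999d22a4ec010567f
+ metadata.gz: bfb74fe3a4b4a47a4353473c49af671a8fa43ed85f57e0864939148a1f89640b003310156505f665e69a06887c451a998c8ca4b5a0c4978f9f13e2de135bde66
+ data.tar.gz: 197b286bd3770e8053c3343ad417f228e26beb9c759c114069c9fe1a540e8c2523d51963944706c461f1a224c8cac4cbe151ce143d8dd18fa59ffc95d2cbe32f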
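--- a/data/README.md
+++ b/data/README.md
@@ -1,3 +1,5 @@
+ [![Gem Version](https://badge.fury.io/rb/rack-shield.svg)](http://badge.fury.io/rb/rack-shield) [![build](https://github.com/mtgrosser/rack-shield/actions/workflows/build.yml/badge.svg)](https://github.com/mtgrosser/rack-shield/actions/workflows/build.yml)
+
  ![Shield](https://raw.githubusercontent.com/mtgrosser/rack-shield/master/doc/shield.svg)
 
  # Rack::Shield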
@@ -1,5 +1,5 @@
1
1
  module Rack
2
2
  module Shield
3
- VERSION = '1.2.0'
3
+ VERSION = '1.2.2'
4
4
  end
5
5
  end
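--- a/data/lib/rack/shield.rb
+++ b/data/lib/rack/shield.rb
@@ -8,7 +8,7 @@ require_relative 'shield/request_ext'
  module Rack
  module Shield
  DEFAULT_PATHS = [/\/wp-(includes|content|admin|json|config)/,
- /\.(php|cgi|asp|aspx|shtml|log|(my)?sql(\.tar)?(\.t?(gz|zip))?|cfm|py|lasso|e?rb|pl|jsp|do|action|sh|dll)\z/i,
+ /\.(php\d?|cgi|asp|aspx|shtml|log|(my)?sql(\.tar)?(\.t?(gz|zip))?|cfm|cmd|py|lasso|e?rb|pl|jsp|do|action|sh|dll|lsp)\z/i,
  'cgi-bin',
  'phpmyadmin',
  '/pma/',
@@ -20,6 +20,7 @@ module Rack
  '.php/',
  '/browsedisk',
  '/mambo/',
+ '/ipython/',
  '/jenkins/',
  '/joomla/',
  '/varien/js.js',
@@ -54,12 +55,30 @@ module Rack
  '/aspnet-ajax/',
  '/Portal.mwsl',
  '/adminer',
+ '/appsuite/signin',
+ '/io.ox/',
+ '/tkset/',
+ '/bakula-web',
+ '/snort/',
+ '/officescan/',
+ '/servlet/',
+ '/ox6/',
+ '/ws_utc/',
+ '/OASREST/',
+ '/WEB-INF/',
+ '/faspex/',
+ '/(download)/',
+ '/nacos/',
+ '/UploadServlet',
+ '/meta-data/identity-credentials/',
+ '/SDK/webLanguage',
  /\A\/"/,
  /\/\.(hg|git|svn|bzr|htaccess|ftpconfig|vscode|remote-sync|aws|env|DS_Store)/,
  /\/old\/?\z/,
  /\/\.env\z/,
  /\A\/old-wp/,
- /\A\/(wordpress|wp)(\/|\z)/]
+ /\A\/(wordpress|wp)(\/|\z)/,
+ /Open-Xchange/i]
 
  DEFAULT_QUERIES = [/SELECT.+FROM.+/i,
  /SELECT.+COUNT/i,
@@ -78,7 +97,7 @@ module Rack
  'HelloThinkCMF',
  'XDEBUG_SESSION_START']
 
- DEFAULT_BODIES = []
+ DEFAULT_BODIES = ['OKMLlKlV']
 
  class << self
 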
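Review bot: Several entries added to `DEFAULT_PATHS` in the third hunk are generic enough to collide with legitimate routes, notably `'/servlet/'`, `'/snort/'`, `'/WEB-INF/'` and the unanchored, case-insensitive `/Open-Xchange/i`. How string entries are matched is outside this diff, but if they are substring tests, an application that upgrades from 1.2.0 and serves such a path would start rejecting its own traffic in a patch release. The changelog should call the new defaults out, and the regexp could be tied to a path segment, e.g. `/\/Open-Xchange(\/|\z)/i`, provided that still covers the probes it was written for. In the last hunk, `DEFAULT_BODIES = ['OKMLlKlV']` adds an opaque token with no explanation. A comment such as `# body marker seen in <scanner or campaign name>` would let operators judge whether the signature is still relevant to them.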
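--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: rack-shield
  version: !ruby/object:Gem::Version
- version: 1.2.0
+ version: 1.2.2
  platform: ruby
  authors:
  - Matthias Grosser
- autorequire:
+ autorequire:
  bindir: bin
  cert_chain: []
- date: 2023-03-16 00:00:00.000000000 Z
+ date: 2023-08-15 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rack-attack
@@ -44,7 +44,7 @@ homepage: https://github.com/mtgrosser/rack-shield
  licenses:
  - MIT
  metadata: {}
- post_install_message:
+ post_install_message:
  rdoc_options: []
  require_paths:
  - lib
@@ -60,7 +60,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  version: '0'
  requirements: []
  rubygems_version: 3.1.4
- signing_key:
+ signing_key:
  specification_version: 4
  summary: Block and unblock evil requests
  test_files: []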